Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: 0tSTVpZHINx2jRH8K51BhiVxIEduppRnM32ipYKAFIQ=
Subject key identifier: 7B:30:1E:64:EC:D8:34:55:6B:3D:5C:06:D1:EA:D1:02:2D:74:8E:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6AEE577E4943B45E7CE6A4145F10AF92690BB50B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Mon 31 Mar 2025 21:20:05 +0000
ROA not before: Mon 31 Mar 2025 21:20:05 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:ee:57:7e:49:43:b4:5e:7c:e6:a4:14:5f:10:af:92:69:0b:b5:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:20:05 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=e775405490e2867ca7275886f36150805804aaef72771f26877ec048c0582d0e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:17:28:ef:ed:a3:41:78:7b:67:56:bd:d2:ab:
90:c0:2b:af:fc:31:ed:79:8b:bb:15:13:06:ab:49:
f0:c5:fe:fd:a1:ff:e8:ac:6a:39:4f:31:99:3d:a1:
37:d5:53:58:3b:25:6d:fb:06:75:23:e7:dd:a5:5c:
c0:97:b0:12:da:39:9f:71:8c:53:f8:11:f8:47:e6:
87:37:49:10:ea:b2:8a:73:87:f0:3c:05:e8:a3:9e:
63:58:63:51:c7:f3:dd:84:9a:a8:32:4b:f0:05:d0:
fb:50:60:67:8a:2b:20:a9:af:db:d9:53:1c:63:18:
b7:4a:27:fa:3d:f1:89:95:6a:c6:e5:62:19:70:a0:
40:db:21:55:2e:22:8d:dd:9d:64:88:90:f4:95:a0:
48:34:42:cb:b6:74:70:a1:40:6c:f1:2f:1e:c0:32:
36:ae:01:ee:ed:b7:28:14:70:41:68:b9:6a:ed:91:
e8:c1:fe:df:6b:f4:ca:fd:8c:32:80:93:b6:e0:6f:
e6:ff:59:f2:32:ff:e4:bf:18:90:50:27:c0:4f:80:
f8:91:50:73:b3:8b:8d:ce:e8:27:09:cd:dd:60:1d:
13:33:d1:68:70:f0:3a:b7:e6:41:ea:bc:6d:c4:36:
a5:cd:e0:6f:bf:02:f9:3a:7e:27:ca:76:89:11:8b:
b2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:30:1E:64:EC:D8:34:55:6B:3D:5C:06:D1:EA:D1:02:2D:74:8E:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
be:83:3e:42:d1:c9:fe:00:4e:6e:ff:63:27:b9:d8:3b:04:23:
33:9b:b2:4f:92:e1:ec:76:3d:8f:08:4d:55:87:7b:40:65:ed:
94:6c:e8:02:93:c0:b0:c7:0f:1c:69:d3:5c:13:c4:83:18:36:
c1:06:6c:4f:cd:2f:f9:fd:db:fe:fe:4f:f0:9e:64:c6:e2:ce:
f2:fa:6b:e5:31:46:9e:a1:5b:7c:f4:50:6e:87:5f:46:76:9d:
02:5d:08:47:56:00:3c:68:df:f7:d3:d0:65:65:3b:0c:c5:88:
69:16:4e:dc:df:62:4b:aa:38:64:ac:08:56:53:08:dc:f3:af:
1a:25:8d:4f:1c:eb:01:a5:4c:e8:fe:10:72:4d:89:5f:d1:b8:
92:bd:46:d9:68:a7:1e:de:c4:f6:5a:67:27:41:e4:9f:b0:90:
00:7b:f1:78:f7:91:0d:d7:34:c7:60:10:78:0d:de:bf:27:da:
ab:f1:59:53:e9:4f:4c:29:3a:87:bc:b2:04:20:c9:29:56:df:
f6:e2:78:a7:db:82:bc:16:ce:9d:da:5d:4e:02:2e:60:72:34:
2c:66:df:31:e1:45:d4:70:13:f0:e0:e7:05:29:1f:d4:9b:49:
64:31:92:d7:d3:d9:bf:5a:84:09:59:8f:fd:36:c8:7a:7c:52:
89:62:aa:54
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUau5XfklDtF585qQUXxCvkmkLtQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTIwMDVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3NzU0MDU0OTBlMjg2N2NhNzI3NTg4NmYzNjE1MDgwNTgwNGFhZWY3Mjc3
MWYyNjg3N2VjMDQ4YzA1ODJkMGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8XKO/to0F4e2dWvdKrkMArr/wx7XmLuxUTBqtJ8MX+/aH/6KxqOU8xmT2h
N9VTWDslbfsGdSPn3aVcwJewEto5n3GMU/gR+EfmhzdJEOqyinOH8DwF6KOeY1hj
Ucfz3YSaqDJL8AXQ+1BgZ4orIKmv29lTHGMYt0on+j3xiZVqxuViGXCgQNshVS4i
jd2dZIiQ9JWgSDRCy7Z0cKFAbPEvHsAyNq4B7u23KBRwQWi5au2R6MH+32v0yv2M
MoCTtuBv5v9Z8jL/5L8YkFAnwE+A+JFQc7OLjc7oJwnN3WAdEzPRaHDwOrfmQeq8
bcQ2pc3gb78C+Tp+J8p2iRGLsqcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7MB5k
7Ng0VWs9XAbR6tECLXSOtTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQC+gz5C0cn+AE5u/2Mnudg7BCMzm7JPkuHsdj2PCE1V
h3tAZe2UbOgCk8Cwxw8cadNcE8SDGDbBBmxPzS/5/dv+/k/wnmTG4s7y+mvlMUae
oVt89FBuh19Gdp0CXQhHVgA8aN/309BlZTsMxYhpFk7c32JLqjhkrAhWUwjc868a
JY1PHOsBpUzo/hByTYlf0biSvUbZaKce3sT2WmcnQeSfsJAAe/F495EN1zTHYBB4
Dd6/J9qr8VlT6U9MKTqHvLIEIMkpVt/24nin24K8Fs6d2l1OAi5gcjQsZt8x4UXU
cBPw4OcFKR/Um0lkMZLX09m/WoQJWY/9Nsh6fFKJYqpU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net